Technology Blogs by Members
Explore a vibrant mix of technical expertise, industry insights, and tech buzz in member blogs covering SAP products, technology, and events. Get in the mix!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Unknown OAuth signature method trying to obtain a resource token

MichaelBeining
Participant
‎06-03-2016 10:51 AM
0 Kudos

When trying to obtain a resource request token from Jam as described in  http://help.sap.com/download/documentation/sapjam/developer/index.html#odata/concepts/Auth-OAuthDevG... I'm getting “Unknown OAuth signature method” with an error code of 400 is returned.

As webserver for the client app I'm using the Tornado python framework and for the POST request the requests library. The client app has been registered at https://developer.sapjam.com and a consumer key and consumer secret have been obtained successfully. The signature method chosen is “HMAC-SHA1”. And the request is being made from the server registered in the callback URL.

The POST request is being made as follows:

url = "https://developer.sapjam.com/oauth/request_token/"

key =  urllib.quote_plus(options.client_secret) + "&"

data = {

    'oauth_consumer_key' : options.client_key,

    'oauth_nonce' : str(uuid.uuid4()),

    'oauth_signature_method' : 'HMAC-SHA1',

    'oauth_timestamp' : str(int(time.time())),

    'oauth_version' : '1.0',

    'oauth_callback' : 'oob'

}

text = "POST&" + urllib.quote_plus(url) + "&" + urllib.quote_plus("oauth_callback=" + data["oauth_callback"] + "&oauth_consumer_key=" + data["oauth_consumer_key"] + "&oauth_nonce=" + data["oauth_nonce"]

+ "&oauth_signature_method=" + data["oauth_signature_method"] + "&oauth_timestamp=" + data["oauth_timestamp"] + "&oauth_version=" + data["oauth_version"])

signature = hmac.new(key, text, hashlib.sha1)

data["oauth_signature"] = signature.digest().encode("base64").rstrip('\n')

headers = {

    'Authorization' : 'Oauth'

}

response = requests.post(url, headers=headers, data=json.dumps(data))

The exact response text obtained is:

<?xml version="1.0" encoding="UTF-8"?>

<error>

  <http_status>400 Bad Request</http_status>

  <message category="invalid_oauth_request">Unknown OAuth signature method.</message>

</error>

Alternatives tried:

•    PLAINTEXT as signature method (and changing the signature accordingly) has been tried without any change in the response.

•    Sending the parameters in the Authorization header instead of the body was also tried but the response was the same.

•    Encoding the parameters in the body with the encoding scheme used by the "application/x-www-form-urlencoded" content-type returns “OAuth authentication failed” with error code 401 instead.

Thanks in advance for any help you can provide me

3 Comments
Labels in this area
Popular Blog Posts